OFAC & FINRA – What You Need to Know - Federal Lawyer
WSJ logo
Forbes logo
Fox News logo
CNN logo
Bloomberg logo
Los Angeles Times logo
Washington Post logo
The Epoch Times logo
Telemundo logo
New York Times
NY Post logo
NBC logo
Daily Beast logo
USA Today logo
Miami Herald logo
CNBC logo
Dallas News logo

OFAC & FINRA – What You Need to Know

The Office of Foreign Assets Control (OFAC) and Financial Industry Regulatory Authority (FINRA) both play a role in regulating the securities market in the United States. OFAC shares responsibility with the U.S. Department of Justice (DOJ) and other federal agencies for enforcing the Bank Secrecy Act (BSA). The BSA applies to “financial institutions,” as defined in 31 U.S.C. Section 5312(a)(2), which includes securities brokers and investment companies. FINRA regulates the securities broker-dealer industry alongside the U.S. Securities and Exchange Commission (SEC), establishing requirements for brokers and firms as well as providing an arbitration venue for resolving customer disputes.

Click images to see larger versions.

For companies, firms, and individuals in the securities industry, OFAC compliance and FINRA compliance go hand-in-hand—so much so that until recently FINRA hosted a FINRA OFAC search tool that offered assistance with complying with OFAC’s sanctions programs. While FINRA retired this search tool in January 2023, investment companies, brokerage firms, and individual broker-dealers must continue to maintain strict compliance with OFAC sanctions programs, FINRA’s Rules, and federal laws like the BSA that fall within OFAC’s and FINRA’s enforcement jurisdiction.

Managing OFAC and FINRA Compliance in the Securities Industry in 2023

John W. Sellers
John Sellers
OFAC and FINRA Team Lead
Former OFAC Prosecutor envelope icon Contact John
Nick Oberheiden
Attorney Nick Oberheiden
OFAC and FINRA Team Lead (EU)
Germany, France & Brazil envelope icon Contact Nick
Glenn Karabeika
Glenn Karabeika
OFAC and FINRA Team Expert
Former OFAC Agent

OFAC compliance and FINRA compliance each present their own unique set of challenges. Companies and firms’ obligations vary based on their size, financial resources, customer base, and various other factors; and, while OFAC and FINRA have both published compliance resources, they have also made clear that these resources are illustrative rather than instructive. There is no one-size-fits-all approach to OFAC and FINRA compliance, yet all investment companies, brokerage firms, and individual broker-dealers must ensure that they are prepared to affirmatively demonstrate compliance to OFAC and FINRA when necessary.

With this in mind, here is a brief overview of some of the key aspects of OFAC and FINRA compliance for investment companies, brokerage firms, and individual broker-dealers in 2023:

Key Aspects of OFAC Compliance in the Securities Industry

For investment companies and brokerage firms, OFAC compliance focuses predominantly (though not exclusively) on avoiding doing business with Specially Designated Nationals (SDNs) and otherwise engaging in business that violates OFAC sanctions. As OFAC explains, “[SDNs’] assets are blocked and U.S. persons are generally prohibited from dealing with them.” Under OFAC’s regulations, “U.S. persons” include both individuals and entities.

To maintain compliance with the BSA and OFAC’s sanctions programs, investment companies and brokerage firms must take steps including (but by no means limited to):

  • Implementing “know-your-customer” (or “KYC”) policies designed to identify SDNs
  • Implementing safeguards designed to identify transactions involving SDNs and their related parties
  • Blocking or rejecting transactions involving SDNs and/or implicating other OFAC sanctions programs
  • Timely reporting all blocked and rejected transactions to OFAC
  • Appointing an OFAC compliance officer who holds primary responsibility for administering the company’s or firm’s OFAC compliance program
  • Providing OFAC compliance training to all personnel who are involved in conducting customer due diligence and processing transactions
  • Conducting periodic risk assessments, tests, and audits to confirm the effectiveness of the company’s or firm’s OFAC compliance program (and identify any gaps that need to be filled)

Again, these are just examples. OFAC’s A Framework for OFAC Compliance Commitments and Sanctions Enforcement Guidelines provide additional insights into what it takes to maintain an effective OFAC compliance program. Ultimately, however, investment companies and brokerage firms must independently assess their compliance obligations and develop a custom-tailored compliance program that addresses their specific risks and needs.

Key Aspects of FINRA Compliance for Brokerage Firms and Broker-Dealers

While OFAC compliance largely focuses on addressing the prohibitions that apply under the Office’s sanctions programs, FINRA compliance focuses primarily on investor protection. FINRA’s Rules impose wide-ranging requirements and prohibitions for both brokerage firms and individual broker-dealers—starting with the requirement to register before offering brokerage services to customers in the United States. But, registration is truly just the start of FINRA compliance. Under FINRA’s Rules, other key aspects of compliance include (but are not limited to):

  • Customer disclosures
  • Avoiding conflicts of interest
  • Providing suitable investment advice
  • Supervisory responsibilities
  • Customer and transaction record-keeping requirements
  • Clearing and transaction requirements
  • Financial and operational standards

Within each of these broad categories (among others), brokerage firms and individual brokers have a host of specific obligations. Here, too, firms must take adequate steps not only to implement an effective compliance program, but also to effectively maintain—and document—compliance on an ongoing basis.

Put our highly experienced team on your side

Dr. Nick Oberheiden
Dr. Nick Oberheiden



Lynette S. Byrd
Lynette S. Byrd

Former DOJ Trial Attorney


Brian J. Kuester
Brian J. Kuester

Former U.S. Attorney

Amanda Marshall
Amanda Marshall

Former U.S. Attorney

Local Counsel

Joe Brown
Joe Brown

Former U.S. Attorney

Local Counsel

John W. Sellers
John W. Sellers

Former Senior DOJ Trial Attorney

Linda Julin McNamara
Linda Julin McNamara

Federal Appeals Attorney

Aaron L. Wiley
Aaron L. Wiley

Former DOJ attorney

Local Counsel

Roger Bach
Roger Bach

Former Special Agent (DOJ)

Chris Quick
Chris J. Quick

Former Special Agent (FBI & IRS-CI)

Michael S. Koslow
Michael S. Koslow

Former Supervisory Special Agent (DOD-OIG)

Ray Yuen
Ray Yuen

Former Supervisory Special Agent (FBI)

Building and Implementing an Effective OFAC-FINRA Compliance Program

While OFAC compliance and FINRA compliance each present unique challenges and requirements, companies, firms, and brokers can address many aspects of compliance simultaneously. There is definitely some overlap, and developing a single, integrated compliance program can both streamline compliance and minimize the risk of failures. Here are some key considerations:

1. Senior Management and an Organizational Commitment to Compliance

OFAC describes “Senior Management’s commitment to, and support of, an organization’s risk-based [sanctions compliance program]” as an “essential[] component of compliance” and “one of the most important factors in determining its success.” Likewise FINRA expects all brokerage firms to take a top-down approach to compliance—fostering an environment where compliance is rewarded and where individuals who commit violations are held accountable.

All investment companies and brokerage firms should have an OFAC compliance officer and a FINRA compliance officer who holds primary responsibility for updating and upholding the organization’s compliance program. These may or may not be the same person; and, depending on a company’s or firm’s size and geographic disbursement, a larger compliance team may be necessary as well.

2. Written Compliance Policies and Procedures

Effectively managing OFAC and FINRA compliance starts with adopting written compliance policies and procedures. A company’s or firm’s compliance policies and procedures must be custom-tailored to its operations and organizational structure—and, at the same time, comprehensively address all pertinent OFAC and FINRA requirements. Where these requirements overlap (i.e., with respect to customer identification), companies and firms should adopt integrated policies and procedures in order to avoid duplication and confusion. In many respects, having policies and procedures that are concise and well-organized is just as important as ensuring compliance policies and procedures’ comprehensiveness.

3. Software Applications and Other Means of Implementation

In today’s world, software plays a critical role in both OFAC and FINRA compliance. Investment companies and brokerage firms must invest in software applications that allow them to accurately identify their customers, identify applicable OFAC sanctions, appropriately document all transactions, and process all transactions in accordance with FINRA’s requirements. While there are multiple platforms on the market, some are better than others, and companies and firms must take the time necessary to ensure that their software tools are both appropriately customized and up to date.

Along with software, effectively managing OFAC and FINRA compliance requires various other means of implementation as well. As with other aspects of compliance, determining an individual company’s or firm’s specific needs requires critical analysis on a case-by-case basis.

4. Personnel Training

With policies, procedures, software, and other necessary means of implementation in place, investment companies and firms must train their personnel on all pertinent aspects of OFAC and FINRA compliance. Personnel in different positions will need to know different information—and their training programs should be developed accordingly. For example, individuals who are responsible for conducting KYC research and processing transactions will play a different role in managing compliance than broker-dealers. Both groups of personnel need training, but their training programs will be (or should be) almost entirely unalike.

5. Risk Assessments and Compliance Testing and Auditing

Both OFAC and FINRA expect investment companies and brokerage firms to assess the efficacy of their compliance programs on an ongoing basis. Establishing compliance is not a one-time event, but rather a continuous process that requires reevaluation and refinement.

To this end, companies and firms should conduct risk assessments as well as compliance tests and audits as often as necessary to maintain a reasonably up-to-date understanding of the efficacy of their compliance programs. When a risk assessment, test, or audit reveals a shortcoming in a company’s or firm’s compliance program, the deficiency should be addressed promptly in order to avoid unnecessary risks and consequences.

6. Internal Compliance Enforcement

Along with internal compliance monitoring, internal compliance enforcement is important as well. As noted above, individual personnel who are responsible for OFAC and FINRA compliance violations should be held accountable. At the same time, however, companies and firms must assess why violations occur and address the root cause before it leads to additional issues.

7. Voluntary Self-Disclosure, OFAC Examinations, and FINRA Investigations

Finally, in addition to addressing compliance internally, companies and firms must also address the external risks associated with OFAC and FINRA compliance failures. In some circumstances, voluntary self-disclosure may be necessary—even if it triggers an OFAC examination or FINRA investigation. Companies and firms should proactively prepare for the possibility of facing OFAC or FINRA scrutiny as well. Among other things, this means ensuring that they have sufficient documentation on hand to affirmatively demonstrate their comprehensive and good-faith efforts to maintain compliance.

Contact the OFAC and FINRA Compliance Lawyers at Oberheiden P.C.

Do you have questions about OFAC or FINRA compliance (or both)? If so, we invite you to get in touch. To speak with an OFAC and FINRA compliance lawyer at Oberheiden P.C., please call 888-680-1745 or request a complimentary consultation online today.

WordPress Lightbox